infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

No, LLM Agents can not Autonomously Exploit One-day Vulnerabilities

https://struct.github.io/auto_agents_1_day.html
this post | permalink
@FirehaK @da_667 I salute you!
this post | permalink
@da_667 can you share a 4k version?
this post | permalink
I search for "techno" on YT (I have this much creativity left for today, sorry), and the first result is a video about fucking Pokemon World.

#AdTech must die. (Pokemons are cool.)
this post | permalink
eScan AV also seems like a truly professional company:
- While they have a Vulnerability Disclosure Program, there is no listing of security advisories (ProTip: always make sure your vendor has an advisory listing)
- There is a Hall of Fame though, that just outright discloses the email addresses of reporters, but no info about the vulns
- This CVE record references a blog post, that simply bitrotted: https://nvd.nist.gov/vuln/detail/CVE-2018-18388
this post | permalink
avpwn++

https://github.com/v-p-b/avpwn/commit/41b16f9adbb174f37addcbf4a89439013fcbae2b
this post | permalink
Who does updates over HTTP and without signature enforcement in 2024? Of course it's an AV: https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/
this post | permalink
[RSS] Hacking Exchange from the Outside In

https://www.atredis.com/blog/2024/4/22/hacking-exchange-from-the-outside-in
this post | permalink
[RSS] RESTler: Stateful REST API Fuzzing - Microsoft Research

https://www.microsoft.com/en-us/research/publication/restler-stateful-rest-api-fuzzing/
this post | permalink
@lcamtuf I have the same experience as you, just want to note that this likely has to do with handling verbatim queries (as shown by your example). Last time I checked Google had proper support for this (although hidden), while other like DDG didn't. Different experiences may be explained how specific individual people are with their queries/how much they rely on the engine to guide them.
this post | permalink
Next Page